How does PSD2 and Strong Customer Authentication effect you?

The revised Payment Services Directive (PSD2) is a requirement intended to increase protection against fraud for online purchases. The following article explains what’s happening and what you need to do.

What is Payment Services Directive (PSD2)?

The revised Payments Services Directive (PSD2) regulates the payments industry in the European Union. Stronger protection for customers who shop online using their personal or business debit and credit cards is being introduced and will protect your business too with fewer fraudulent charges.

To comply payment gateways need to ensure you have Strong Customer Authentication (SCA) for payments you accept from your customers in Europe to help mitigate card-not-present fraud.

What is Strong Customer Authentication (SCA)?

Strong Customer Authentication is what BookingLive refers to as 2FA (two-factor authentication). If a customer is buying online using their debit or credit card, SCA may require them to use two forms of authentication.

As an example, instead of just entering their 3D secure PIN or password (which is the current method and could result in the customer leaving the booking journey), Strong Customer Authentication would prompt a customer to enter a code generated on their personal banking app as a second step.

Customers are asked to enter this information only when it’s required. Your customers will see the 3D Secure indicator start to show up on orders after PSD2 comes into effect which may differ slightly across the gateways.

What do I do?

The short answer is nothing. Your payment provider will use two separate authentication elements to verify an online transaction in order to be compliant. This means as a BookingLive customer, you’ll automatically be compliant in time for the 14th September 2019 deadline.

Update 28th July 2019:

The deadline above may be delayed. For further information please see: https://www.cbronline.com/news/strong-customer-authentication-disaster